Uninstall the YubiKey Minidriver

YubiKey Minidriver Installed using MSI

If the YubiKey Smart Card Mindriver (YubiKey Minidriver) was installed using the MSI, Yubico recommends using the Program and Features Interface to remove it.

  1. Use Windows+R to display the run terminal window, enter appwiz.cpl and click OK.
  2. The Programs and Features window opens. Scroll down and locate the entry for the YubiKey Smart Card Minidriver.
  3. Right click on the YubiKey Minidriver entry and select Uninstall.

Manual Uninstall

Manual install is run in a terminal.

  1. Open Command Prompt as Administrator or PowerShell as Admin.

  2. Run: %windir%\System32\DriverStore\FileRepository

  3. Type cd ykmd and press Tab, and then press Enter. The current path should look similar to the following:

    C:\Windows\System32\DriverStore\FileRepository\ykmd.inf_amd64_1e4c7d5bdb6914f9

  4. If multiple versions of the YubiKey Minidriver have been installed, each has its own separate directory. Repeat this and the following steps for each installation directory.

  5. Type the following command and press Enter:

    rundll32 setupapi.dll,InstallHinfSection DefaultUninstall 4 .\\ykmd.inf

  6. If you want to also delete the driver and other related files from your computer:

    Delete the entire YubiKey Minidriver directory in %windir%\System32\DriverStore\FileRepository\

    From the example in step 3, the directory name is ykmd.inf_amd64_1e4c7d5bdb6914f9.

    To do delete the driver and related files:

    1. The Admin needs to take ownership of the directory use the takeown command. For example, using the directory from step 3, the command is:

      TAKEOWN /F ykmd.inf_amd64_1e4c7d5bdb6914f9 /R /A

    2. Following taking ownership of the directory, grant full control access to the directory and the files within with the icalcs command.

      For example, using the directory from step 3, the command is:

      ICACLS ykmd.inf_amd64_1e4c7d5bdb6914f9 /grant Administrator:F /T

    3. After the ownership and access is set, the files can be deleted as normal.

Preventing Reinstallation after Removal

To prevent the YubiKey Minidriver from being reinstalled after removal, blocked it via the Windows Group Policy.

These are steps for Windows 10. Steps for Windows 11 are slightly different.

  1. Right-click the Windows Start button and select Run.

  2. Type gpmc.msc and press Enter.

  3. Navigate to the AD forest and Domain containing your server, double-click your server and double-click Group Policy Objects.

  4. Right-click on the group policy you want to edit, and then select Edit.

  5. Expand Computer Configuration > Administrative Templates > System > Device Installation > Device Installation Restrictions.

  6. Right-click Prevent installation of the of devices that match any of these device IDs and select Edit.

  7. Click the option Enabled.

  8. Under Options, click Show.

  9. Enter the Hardware ID. This can be found via Device Manager:

    1. Click Smart Cards > YubiKey Smart Card.
    2. Right click on the YubiKey Smart Card and select Properties.
    3. Open the Details tab, and the drop down to Hardware IDs.

    The SCFILTER\CID_ID# value for the YubiKey is displayed. Note that YubiKey 4, YubiKey 5, and YubiKey NEO have different hardware IDs.

  10. Click OK.